From 9b31a7b44b3d742ec68fd292a7f2f6f2a2d9bd69 Mon Sep 17 00:00:00 2001 From: Nutomic Date: Fri, 8 Mar 2024 15:26:57 +0100 Subject: [PATCH] Get Mastodon signed fetch working (#98) * debug signed fetch * regex * content-type * no dbg * clippy --- src/fetch/mod.rs | 3 +++ src/fetch/object_id.rs | 8 ++++---- src/fetch/webfinger.rs | 10 +++++++++- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/src/fetch/mod.rs b/src/fetch/mod.rs index 71e1ce5..fbbe6b7 100644 --- a/src/fetch/mod.rs +++ b/src/fetch/mod.rs @@ -57,11 +57,14 @@ pub async fn fetch_object_http( static ALT_CONTENT_TYPE: HeaderValue = HeaderValue::from_static( r#"application/ld+json; profile="https://www.w3.org/ns/activitystreams""#, ); + static ALT_CONTENT_TYPE_MASTODON: HeaderValue = + HeaderValue::from_static(r#"application/activity+json; charset=utf-8"#); let res = fetch_object_http_with_accept(url, data, &CONTENT_TYPE).await?; // Ensure correct content-type to prevent vulnerabilities. if res.content_type.as_ref() != Some(&CONTENT_TYPE) && res.content_type.as_ref() != Some(&ALT_CONTENT_TYPE) + && res.content_type.as_ref() != Some(&ALT_CONTENT_TYPE_MASTODON) { return Err(Error::FetchInvalidContentType(res.url)); } diff --git a/src/fetch/object_id.rs b/src/fetch/object_id.rs index 782900d..f3fa560 100644 --- a/src/fetch/object_id.rs +++ b/src/fetch/object_id.rs @@ -197,9 +197,9 @@ static ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG: i64 = 20; fn should_refetch_object(last_refreshed: DateTime) -> bool { let update_interval = if cfg!(debug_assertions) { // avoid infinite loop when fetching community outbox - ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG) + ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG).expect("valid duration") } else { - ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS) + ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS).expect("valid duration") }; let refresh_limit = Utc::now() - update_interval; last_refreshed.lt(&refresh_limit) @@ -362,10 +362,10 @@ pub mod tests { #[test] fn test_should_refetch_object() { - let one_second_ago = Utc::now() - ChronoDuration::seconds(1); + let one_second_ago = Utc::now() - ChronoDuration::try_seconds(1).unwrap(); assert!(!should_refetch_object(one_second_ago)); - let two_days_ago = Utc::now() - ChronoDuration::days(2); + let two_days_ago = Utc::now() - ChronoDuration::try_days(2).unwrap(); assert!(should_refetch_object(two_days_ago)); } } diff --git a/src/fetch/webfinger.rs b/src/fetch/webfinger.rs index 7da2fdf..f065618 100644 --- a/src/fetch/webfinger.rs +++ b/src/fetch/webfinger.rs @@ -121,7 +121,7 @@ where T: Clone, { static WEBFINGER_REGEX: Lazy = - Lazy::new(|| Regex::new(r"^acct:([\p{L}0-9_]+)@(.*)$").expect("compile regex")); + Lazy::new(|| Regex::new(r"^acct:([\p{L}0-9_\.\-]+)@(.*)$").expect("compile regex")); // Regex to extract usernames from webfinger query. Supports different alphabets using `\p{L}`. // TODO: This should use a URL parser let captures = WEBFINGER_REGEX @@ -288,6 +288,14 @@ mod tests { Ok("Владимир"), extract_webfinger_name("acct:Владимир@example.com", &data) ); + assert_eq!( + Ok("example.com"), + extract_webfinger_name("acct:example.com@example.com", &data) + ); + assert_eq!( + Ok("da-sh"), + extract_webfinger_name("acct:da-sh@example.com", &data) + ); assert_eq!( Ok("تجريب"), extract_webfinger_name("acct:تجريب@example.com", &data)